[OpenID] experimental namespace for openid.net

[Dirk Balfanz]

On Mon, Jul 13, 2009 at 1:44 PM, John Bradley <john.bradley at wingaa.com>wrote:

> Dirk,
>
> I don't think the openid general list can give you permission to do
> anything.
>

I understand that. I'm trying to gauge what people think about the idea. If
there would be lots of "sure, that sounds like a good idea" responses, I
would take heart in knowing that I would probably not end up in purgatory if
I went ahead and used the namespace even before a formal approval process
has been found. But frankly, I would have thought that we could do something
like X-... HTTP headers, which wouldn't even need approval.


>
> The only negative response was from David who I believe wants the namespace
> reserved for official openID WG.
>
> If we can get the registry going I would personaly be OK with you using
> experimental.openid.net.
>
> However at this point I have to recommend using something in the google
> namespace.
>
> What you have proposed is a prototype so I don't think,  using a different
> namespace is a big deal.
>

Well, that's the alternative. I'd hate to do that, though, since I'm not
trying to invent some Google-proprietary thing. I would like to signal to
the world that (at least in my opinion) this is a contribution to the
ongoing conversation about how OpenID should evolve.


> OpenSocial is using its own namespace.


They're extending XRDS for OpenSocial discovery, so they use an OpenSocial
namespace. I'm extending XRDS to discover OpenID endpoints, so I'd like to
use an OpenID namespace.



> I just don't think holding up your work to get something registered in
> experimental.openid.net is worth it.
> I also don't think it is appropriate for google to use it without the
> appropriate permission whatever that turns out to be.
>
> It isn't like my opinion counts for much but you have it.
>

Thanks John, always appreciated!

Dirk.



>
> Regards
> John B.
>
> On 13-Jul-09, at 1:34 PM, general-request at openid.net wrote:
>
>  Date: Mon, 13 Jul 2009 10:10:46 -0700
>> From: Dirk Balfanz <balfanz at google.com>
>> Subject: Re: [OpenID] experimental namespace for openid.net
>> To: Breno de Medeiros <breno at google.com>
>> Cc: OpenID Specs Mailing List <specs at openid.net>,       "
>> general at openid.net
>>        List" <general at openid.net>
>> Message-ID:
>>        <60c552b80907131010w10bec492h3cb544488f2f4c3f at mail.gmail.com>
>> Content-Type: multipart/alternative;
>>        boundary=0016369fa20d26d882046e9967c1
>>
>> --0016369fa20d26d882046e9967c1
>> Content-Type: text/plain; charset=ISO-8859-1
>> Content-Transfer-Encoding: 7bit
>>
>>
>> Hi guys,
>> somehow I only get sporadic messages from this mailing list (I'll have to
>> dig through my spam settings, etc, to find out what's going on there), so
>> I
>> read the various responses on the web archives. Let me try to respond to
>> them:
>>
>> - XMLDSIG vs. other kinds of signatures: This is exactly the kind of
>> discussion going on at the XRI TC right now. There are those on the TC
>> that
>> think xmldsig with constrained c14n will work, and those that think that
>> this is still too complicated. You're welcome to join the TC and
>> participate
>> in the discussion.
>>
>> - Google "gatewaying" users through itself (by hosting host-meta files for
>> domains at Google): we have no intention of gatewaying users through
>> Google.
>> When a domain hosts its own host-meta, the discovery will of course just
>> work. We simply asked ourselves the question: How can we give all our
>> Google
>> Apps users an OpenID with the least amount of work required on the part of
>> the Google Apps domain admins? Domains should host their own host-meta. If
>> they don't (and many won't), RPs should find a way to still perform
>> discovery for that user. Trying Google _first_, and then the domain, will
>> in
>> the vast majority of cases result in lower latency from
>> user-supplied-identifier to discovery information than the other way
>> 'round.
>> But RPs can do whatever they want. They could, for example, try both in
>> parallel and go with whatever host-meta comes back first (be that from
>> Google, from another hosting provider, or from the actual domain).
>>
>> - Having said all that, what I was trying to figure out in this thread was
>> that assuming that a provider wants to launch a proof-of-concept
>> implementation of a feature that I think we all agree is needed in OpenID
>> (in this case, better discovery), what namespace should the provider use
>> for
>> the various pieces in the protocol that haven't officially been approved
>> yet. The responses that actually tried to address that question seemed to
>> think that http://experimental.openid.net was a good idea, but that some
>> sort of process might be needed to hand out chunks of that namespace. I
>> assume that that process should make sure that the provider in question is
>> making a good-faith effort to actually contribute to the OpenID community
>> during the further development of the feature in question, as opposed to
>> grabbing just a chunk of semi-official-sounding namespace? I'm a wee bit
>> concerned that the processes that people want to see in place for this
>> might
>> take a bit of time to establish (feel free to prove me wrong by setting up
>> a
>> registry, etc!), so I'm wondering whether in this case we could follow the
>> spirit of the yet-to-be-established process (assuming I captured it
>> correctly), as opposed to the letter (which doesn't exist yet), and just
>> agree that it is ok for us, in this case, to use that namespace.
>>
>> Cheers,
>>
>> Dirk.
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-general/attachments/20090713/50b00a32/attachment.htm>